Description: Currently, flight controllers are often tasked with generating responses to multiple failures when they occur. However, during future space missions, flight controllers may be less available for this task, due to long communication delays during deep space missions, task overload as flight controllers manage many missions simultaneously, or reduced flight controller staffing per mission. To reduce the workload on the crew and/or flight controllers, it would be highly desirable to generate response procedures for multiple failures automatically or semi-automatically. When multiple failures occur, it seems attractive to use the procedures that were developed in advance to handle each of the individual failures. However, simply combining procedures in just any order might not work due to interactions among the faults, procedure goals, conditions, and effects. During Phase I, we began to develop the Multiple Failure Response Procedure (MFRP) System, which will automatically generate and present procedures for responding to multiple failures and ambiguity groups. The central idea of MFRP is to encode each the rationale of each procedure in a machine-readable way and to use this knowledge at run-time system to handle multiple problems and situations which may not have been specifically anticipated during procedure development. During Phase I, we developed a domain model and software prototype which generated valid responses for eight multiple failure scenarios for which naive application of single failure procedures was invalid or suboptimal, thus demonstrating the feasibility of our approach to multi-failure plan generation. For Phase II, we propose to extend MFRP flexibility, robustness, and ease of use. We will develop or enhance processes, models, algorithms, and software applications and tools to demonstrate the ability to handle complex domains, display multi-failure responses to users effectively, and reduce the cost and difficulty of applying MFRP to each domain.

Benefits: The technology resulting from this research will generate multi-failure response procedures from single-failure procedures in real-time when multiple failures occur or when ambiguous diagnoses are returned by automated diagnostic systems. This capability will extend the range of adverse situations for which procedures can be provided to support crew members and ground-based flight controllers. These multi-failure procedures can be used to respond to failures in air vehicles, space vehicles (manned and unmanned), and space habitats. Candidate applications to be explored during Phase II include, but are not limited to, the International Space Station, the Mars Transfer Vehicle simulation operated during NEEMO exercises, future mission systems architectures, and the proposed Macho Mengi (M2) Observatory System.

This technology can be used to enhance the range of adverse situations that can be supported by response procedures in other types of critical systems such as commercial aircraft, nuclear power plants and chemical plants, power distribution systems, and emergency response systems.